Re: Making md5-hash 'mysql compatible'

From: Oscar kind (nobody_at_nowhere.net)
Date: 03/04/04

  • Next message: franz: "after database probs again: DESIGN PATTERN"
    Date: 04 Mar 2004 07:40:41 GMT
    
    

    Daan <d_stolp@nospam.hotmail.com> wrote:
    > To store a password in a database, I have used MySQL's MD5-function to
    > create a hash of the password. Now I have a user who enters a password
    > (via an html form) that needs to be checked. I have tried to create an
    > md5-hash using the MessageDigest class, but since this works on bytes
    > (not on strings), I have not been able to create a hash (as a string)
    > that I can compare to the hash string that is stored in the database.
    >
    > How can I create a hash of the password that the user enters, such that
    > is is equal to the hash in the MySQL database? (provided that the user
    > enters the right password)

    AFAIK, the MD5 hashing algorithm is the same in both cases (it is a
    published algorithm). Thus the trick is to put the same bytes into it as
    MySQL does.

    Assuming that MySQL uses the US-ASCII character encoding, I suspect MySQL
    uses these bytes to hash "foo":
            "foo".getBytes("US-ASCII");

    Make sure you catch the UnsupportedEncodingException (personally, I
    rethrow is as an Error/AssertionError, as I believe it's a JRE
    configuration issue, but your opinion may be different).

    Oscar

    -- 
    Oscar Kind                                    http://home.hccnet.nl/okind/
    Java/J2EE Developer                             email available on website
    

  • Next message: franz: "after database probs again: DESIGN PATTERN"